By Tobias Manolo
Hector Xavier Monsegur, the hacker responsible for the 2011 cyber attacks against Sony Pictures Entertainment, the Public Broadcasting Service and Fox Broadcasting Company, has been spared a lengthy jail sentence, thanks to his help in preventing over 300 further cyber attacks since.
Spotify, the popular Swedish music streaming service, has admitted it has been the subject of a data breach; just one user’s data was accessed which didn’t include any financial information or password, but the company has advised Android app users to upgrade to the latest version from Google, Amazon and Spotify app stores.
Microsoft has issued a warning against a hack that allows Windows XP to go on receiving security updates despite Microsoft officially ending support for the operating system. A ‘simple registry tweak’ allows users who have not migrated to a newer version of Windows to receive updates from Microsoft, pulling the updates from the released embedded versions of 13-year-old Windows XP. However, Microsoft warns that Windows XP customers may face problems if they install updates.
Security firm, Include Security, researchers have warned that Microsoft’s Outlook.com app for smartphones running Google’s Android operating system is exposing users’ data. Stored email attachments in Android’s file system area are accessible to rogue apps or third parties that have access to the phone. Due to the emails being stored on the app-specific file system, the Outlook.com app PIN code only protects the graphical user interface, and there is no method of ensuring message and attachment confidentiality.
Four security threats and breaches reported in just two days; for the companies involved, it’s not good news, but for users it is keeping us informed of potential threats to cyber attacks. Research carried out by OnePoll on behalf of Courion, providers of intelligent identity and access management solutions, has announced their findings… 1 in 5 UK workers in the UK believe hackers do a worthwhile job. Not only that, over a quarter of UK employees surveyed admitted they would pass on confidential data if they didn’t trust their employer.
The majority of survey respondents acknowledge that hackers are criminals, yet they also believe that there employers should do more to fix security defects, a belief principally held by the younger generation. It is this finding that highlights the lack of understanding and awareness of basic data protection policies, their own responsibilities in keeping data secure, and focuses on the worrying trend of snooping on sensitive customer data at work.
The survey also revealed that 39% of workers share login details with colleagues despite repeated warnings about protecting passwords; 33% would access or download information from a previous employer using an old password; and 33% would also consider accessing a previous employer’s data to help with a new job. Whilst the latter two results highlight the lack of comprehensive security solutions implemented to protect corporate data, the former result highlights the lack of knowledge and understanding by the employee of their role in keeping corporate data secure.
The survey should be a serious warning to organisations to not only improve the security levels and procedures on their corporate data, but also to invest in educating their employees about their role in protecting that data.